|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Opening ports in Firewall
Frank Willoughby (frankw
in.net)
Fri, 16 Oct 1998 14:05:00 -0500
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Stephen P. Gibbons: "Re: future of IDS"
- Previous message: Brent Huston: "Re: future of IDS"
- Next in thread: Frank Willoughby: "Re: Opening ports in Firewall"
At 08:35 AM 10/16/98 -0500, Hines Dennis wrote:
>Aside from IP tunneling, what are the risks associated with opening an
>outbound port, say 7100, in a firewall to support an application that makes
>a direct connection to a site on the Internet (via IP address) for the
>purpose of say downloading software updates. What are the risks if the
>firewall is an SPF, proxy, or packet filter - (with or without NAT).
One of the risks is that someone may spoof the software update site and
have you download a program containing a trojan horse, logic bomb, worm,
virus, or any of a multitude of undesired functionalities.
>Thanks for the insight,
>
>Dennis
>
>---
>Dennis Hines
>dennis.hinescolumbia.net
>---
Best Regards,
Frank
The opinions of the author of this mail may not necessarily be
representative of the opinions of Fortifed Networks, Inc.
(c) Fortified Networks, Inc. - http://www.fortified.com/
Home of the Free Internet Firewall Evaluation Checklist
Expert (vendor-neutral) Computer and Network Security Solutions
Fixed Price Contracts - Expert Information Security Officers
Phone: (317) 573-0800 Fax: (317) 573-0817
- Next message: Stephen P. Gibbons: "Re: future of IDS"
- Previous message: Brent Huston: "Re: future of IDS"
- Next in thread: Frank Willoughby: "Re: Opening ports in Firewall"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:57 CDT